#include "X509.h"
+#include <fstream>
#include <iostream>
#include <openssl/ssl.h>
pk = std::shared_ptr<EVP_PKEY>( pkt, EVP_PKEY_free );
}
+X509Req::X509Req( std::string spkac ) {
+ if( spkac.compare( 0, 6, "SPKAC=" ) != 0 ) {
+ throw "Error: not a SPKAC";
+ }
+
+ spkac = spkac.substr( 6 );
+ NETSCAPE_SPKI* spki_p = NETSCAPE_SPKI_b64_decode( spkac.c_str(), spkac.size() );
+
+ if( !spki_p ) {
+ throw "Error: decode failed";
+ }
+
+ spki = std::shared_ptr<NETSCAPE_SPKI>( spki_p, NETSCAPE_SPKI_free );
+ EVP_PKEY* pkt_p = NETSCAPE_SPKI_get_pubkey( spki.get() );
+
+ if( !pkt_p ) {
+ throw "Error: reading SPKAC Pubkey failed";
+ }
+
+ pk = std::shared_ptr<EVP_PKEY>( pkt_p, EVP_PKEY_free );
+}
+
int X509Req::verify() {
+ if( !req ) {
+ return NETSCAPE_SPKI_verify( spki.get(), pk.get() );
+ }
+
return X509_REQ_verify( req.get(), pk.get() );
}
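Review bot: `X509Req::verify()` now forwards the raw result of `NETSCAPE_SPKI_verify` alongside `X509_REQ_verify`, and both return 1 on success, 0 on a bad signature and a negative value on an internal error, so any caller that tests the result for truthiness would accept a request whose verification errored out. Callers are not visible in this hunk; either document the contract above the function, e.g. `// returns 1 only when the signature verifies; 0 and negative values are both failures`, or normalise at the source with `return NETSCAPE_SPKI_verify( spki.get(), pk.get() ) == 1;` and the same for the `X509_REQ_verify` line. Separately, the new SPKAC constructor never reads the challenge carried inside the structure, so unless a caller compares it with a server-issued value the proof of possession can be replayed; that check may live elsewhere, but it deserves a comment on the constructor.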
return std::shared_ptr<X509Req>( new X509Req( req ) );
}
+std::shared_ptr<X509Req> X509Req::parseSPKAC( std::string content ) {
+ return std::shared_ptr<X509Req>( new X509Req( content ) );
+}
+
int add_ext( std::shared_ptr<X509> issuer, std::shared_ptr<X509> subj, int nid, const char* value ) {
X509_EXTENSION* ex;
X509V3_CTX ctx;
}
}
-void X509Cert::setSerialNumber( int num ) {
- ASN1_INTEGER_set( target.get()->cert_info->serialNumber, num );
+void X509Cert::setSerialNumber( BIGNUM* num ) {
+ BN_to_ASN1_INTEGER( num , target->cert_info->serialNumber );
}
-void X509Cert::setTimes( long before, long after ) {
+void X509Cert::setTimes( uint32_t before, uint32_t after ) {
X509_gmtime_adj( X509_get_notBefore( target.get() ), before );
X509_gmtime_adj( X509_get_notAfter( target.get() ), after );
}
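Review bot: In `setSerialNumber` the result of `BN_to_ASN1_INTEGER` is discarded, so a failed conversion leaves the serial field stale or unset and `sign()` will still issue the certificate; for a CA that risks a duplicate or default serial. Check it, e.g. `if( !num || !BN_to_ASN1_INTEGER( num, target->cert_info->serialNumber ) ) throw "Setting serial number failed.";`. In `setTimes`, `X509_gmtime_adj` takes a signed `long` offset relative to the current time, so the switch to `uint32_t` removes the ability to back-date `notBefore` for clock skew, and a negative value from a caller now wraps to a large positive offset where `long` is 64-bit. If `before`/`after` are meant to be absolute timestamps rather than offsets, this call would be wrong; a one-line comment stating their unit and reference point would settle it.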
X509_EXTENSION_free( ext );
}
-std::string X509Cert::sign( std::shared_ptr<EVP_PKEY> caKey ) {
+std::shared_ptr<SignedCertificate> X509Cert::sign( std::shared_ptr<EVP_PKEY> caKey ) {
if( !X509_sign( target.get(), caKey.get(), EVP_sha512() ) ) {
throw "Signing failed.";
}
- X509_print_fp( stdout, target.get() );
+ //X509_print_fp( stdout, target.get() );
std::shared_ptr<BIO> mem = std::shared_ptr<BIO>( BIO_new( BIO_s_mem() ), BIO_free );
PEM_write_bio_X509( mem.get(), target.get() );
BUF_MEM* buf;
BIO_get_mem_ptr( mem.get(), &buf );
- std::string output( buf->data, buf->data + buf->length );
- return output;
+ std::shared_ptr<SignedCertificate> res = std::shared_ptr<SignedCertificate>( new SignedCertificate() );
+ res->certificate = std::string( buf->data, buf->data + buf->length );
+ BIGNUM* ser = ASN1_INTEGER_to_BN( target->cert_info->serialNumber, NULL );
+ char* serStr = BN_bn2hex( ser );
+ res->serial = std::string( serStr );
+ OPENSSL_free( serStr );
+ BN_free( ser );
+ return res;
}
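Review bot: The serial extraction added at the end of `sign()` trusts every OpenSSL return value: `ASN1_INTEGER_to_BN` and `BN_bn2hex` can both return NULL on allocation failure, and `std::string( serStr )` on a null pointer is undefined behaviour. Add `if( !ser ) throw "Reading serial number failed.";` after the conversion and `if( !serStr ) { BN_free( ser ); throw "Serial conversion failed."; }` before building the string. The surrounding context has the same gap: `BIO_new` and `PEM_write_bio_X509` are unchecked, so a failed write would hand back a `SignedCertificate` whose `certificate` is empty or truncated. The commented-out `X509_print_fp` line is better deleted than kept as dead code.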